RE: Roaming Firewall Solution Information
From: G.Crow (secure.computing_at_gmail.com)
Date: 12/15/04
- Previous message: GuidoZ: "Re: Open source access-controller?"
- In reply to: Erickson, Tom: "RE: Roaming Firewall Solution Information"
- Next in thread: Randy Williams: "Re: Roaming Firewall Solution Information"
- Reply: Randy Williams: "Re: Roaming Firewall Solution Information"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <security-basics@lists.securityfocus.com> Date: Tue, 14 Dec 2004 23:35:37 -0500
And an update on my particular issue... particularly to Randy, but just for
reference.
No matter what you take from this list, make sure you have time to test it
well enough with your environment - its common sense but bears repeating.
As Keith says, Sygate has a similar solution in detail to Integrity,
including client agent systems. After my question, and since I was only
seeking a laptop firewall (for now) I chose BlackICE and Sygate from the
recommendations for testing. (Certain other vendors haven't provided
responses to quote requests or trial requests yet, but I don't expect them
in time.) I'm more impressed with Sygate's potential feature set, but so
far it's induced a blue screen upon the initiation of any VPN connection
over our client. So test whatever you choose, YMMV.
Forgive any obtuseness above, I'm exhausted and sick. From much past
experience, I know that means my emails come out somewhat unclear.
I am glad I have a picture of Integrity's approximate cost model, though,
for later reference. Being only a small part of a large company, rolling
out Integrity on a weeks notice is a bad idea.
I sent thanks to all who replied privately, but I'm positive I missed the
ones that hit the list. Thanks.
G.Crow
> -----Original Message-----
> From: Erickson, Tom [mailto:terickso@siemens-emis.com]
> Sent: December 14, 2004 7:33 AM
> To: Randy Williams; Keith Bucknall (Home)
> Cc: security-basics@lists.securityfocus.com
> Subject: RE: Roaming Firewall Solution Information
>
> We have tested Sygate and it worked wonderfully. Many options priced
> right.
>
> Take a look at it.
>
> __________________________________________________
> Tom Erickson, MCSE
> Siemens Power Transmission & Distribution, Inc.
> Energy Management and Automation Division
> 10900 Wayzata Blvd., Suite 400
> Minnetonka, MN 55305
> Office 952.607.2408
> Mobile 763.218.1546
> Fax 952.607.2618
> email: Tom.Erickson@siemens.com
> http://www.ptd.siemens.com/emis
>
>
>
> -----Original Message-----
> From: Randy Williams [mailto:randyw@techsource.com]
> Sent: Monday, December 13, 2004 11:59 AM
> To: Keith Bucknall (Home)
> Cc: security-basics@lists.securityfocus.com
> Subject: Re: Roaming Firewall Solution Information
>
> Greetings Keith,
>
> We have a current project, awaiting funding, that would do almost
> exactly what you are looking to do with the ZoneAlarm Integrity
> client/sever product.
>
> While the Integrity product does require a master server that the
> clients routinely connect to, it allows for seamless non-intrusive
> security on the OS. The Integrity client runs as a process that they
> user (no matter their account privilege level) cannot adjust. So there
> is no chance that they will compromise themselves.
>
> The pricing we got for a 50 user rollout was about $3,700 with the
> 2-year maintenance package. They were charging about $65.00/seat for
> both the client and the server.
>
> This may be a bit outside your budget, but our review found that it was
> the best solution for us. Being a small company it will be a real win
> for us.
>
> RandyW
>
> Keith Bucknall (Home) wrote:
>
> >Hi there
> >
> >I am looking into the Cisco CSA agent software, take a look at
> www.cisco.com
> >for more detials
> >
> >-------------------------------------------------------------------------
> --
> -
> >-------------------------------------------------------------------------
> -
> >
> >
> >
> >Many thanks.....
> >
> >Mr Keith Bucknall
> >
> >-----Original Message-----
> >From: G.Crow [mailto:secure.computing@gmail.com]
> >Sent: 10 December 2004 01:16
> >To: security-basics@lists.securityfocus.com
> >Subject: Roaming Firewall Solution Information
> >
> >Greetings,
> >
> >
> >I'm seeking a firewall solution that I can deploy on my mobile users
> >laptops. I've done some research into this, but in my position I've
> >been extremely pressed for time lately, and don't know if I can get
> >the research done in the near future, especially since quotes for the
> >products I'm familiar with are hard to come by for business users.
> >Any experiences, help, or recommendations into this are more than
> >welcome.
> >
> >
> >Basically I'm tired of worrying if my users are going to bring home
> >the next big thing. I know what I'd pick for myself, but I'm not so
> >sure what is so good for end users - I'm looking for something I can
> >set up a base template of rules for and leave running without forcing
> >my users to make 'hard' choices in the field - and therefore call me.
> >I'm not currently looking at one of the centrally managed firewall
> >solutions, primarily for cost reasons - I'm doing this outside of the
> >central IT budget for a subset of users specific to my facility. I
> >haven't seen any particular studies on this issue, and testing all the
> >various products out there isn't in my immediate time scope.
> >
> >
> >My criteria/situation is as follows:
> >
> >
> >-Environment: Mixed Win2k SP4/WinXP SP1 laptops. Varied hardware.
> >~20-30 or so.
> >-Budget: $50 a head or so, lower preferable, but variance is allowed.
> >-Desired features: Importable rulesets, local logging, user-friendly
> >(as they *will* end up making it ask about some traffic)
> > -Compatibility: Cisco VPN Client, Novell, Internal web apps, i.e.
> >nothing too extreme except for possibly the Cisco client -Timeframe:
> >Trying to get this purchased before 2005
> >
> > I've looked into ZoneAlarm and Checkpoint Integrity, but Zone Labs is
> >elusive in which product they will license to business customers, and
> >at what price, so I'm unsure even of what product to test. Checkpoint
> >seems a little pricey for the simplified solution I'm going for -
> >however unlike ZoneAlarm and Tiny, I haven't played with it to be
> >sure. My experience with Tiny has been anything but user-friendly, a
> >key concern. I also haven't used recent versions, so I don't know if
> >it's improved. Kerio I haven't used, and I'm unsure of other
> >client-based unmanaged firewalls to check out.
> >
> >
> >Thank you for any help you can provide,
> >
> >Gabe
> >secure dot computing at gmail d0t com
> >
> >
- Previous message: GuidoZ: "Re: Open source access-controller?"
- In reply to: Erickson, Tom: "RE: Roaming Firewall Solution Information"
- Next in thread: Randy Williams: "Re: Roaming Firewall Solution Information"
- Reply: Randy Williams: "Re: Roaming Firewall Solution Information"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
